Inside Security (Feb 8th, 2018)

Normally, today’s newsletter is seen only by Premium subscribers, but thanks to Imperva’s sponsorship, everyone on the Inside Security list gets a copy. I hope you enjoy these weekly deeper dives and that you will sign up for the Premium service for future editions at the link above. – David Strom, editor of Inside Security

DDoS attacks on the rise, Business Wire hit for more than a week

The number of DDoS attacks continues to increase as hackers get better at leveraging IoT botnets to amplify traffic and as criminals now package DDoS-for-hire SaaS tools. The latest news this past week is that Business Wire’s websites had a sustained attack that lasted more than a week, slowing down network access for its customers and visitors. The attacks began at the end of January, and the origins and motivation are still unknown. Business Wire is an online news and press release service that is used by most of the leading businesses around the world. Company officials admitted to the attack but claimed that no private data has been leaked.

An average of eight DDoS attacks daily has been observed by Corero Network Security, according to a report it issued in November, which is double the rate it found at the beginning of 2017. The DDoS-based SaaS services make it easier for anyone to purchase an attack scenario for $100. A fifth of all attacks it has observed use multiple attack vectors to try to penetrate networks.

Another analysis of DDoS attacks, by Kaspersky Lab, agrees that multi-vector methods increased in frequency in the last quarter of 2017, although the distribution of single attack methods is still similar to the past (see pie chart here). They have found more attacks that are politically motivated, such as those during a Czech election last October and an attack aimed at the Spanish government during the Catalonia independence movement. Neither attack was successful, thankfully.
